gnupg2

Commit Graph

Author	SHA1	Message	Date
Daniel Kahn Gillmor	81cb1b5eea	gpg: Prefer SHA-512 and SHA-384 in personal-digest-preferences. * g10/keygen.c (keygen_set_std_prefs): prefer SHA-512 and SHA-384 by default. -- In 8ede3ae29a39641a2f98ad9a4cf61ea99085a892, upstream changed the defaults for --default-preference-list to advertise a preference for SHA-512, without touching --personal-digest-preferences. This makes the same change for --personal-digest-preferences, since every modern OpenPGP library supports them all. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> Gbp-Pq: Topic update-defaults Gbp-Pq: Name gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest.patch	2022-05-13 23:35:57 +08:00
Daniel Kahn Gillmor	848046808c	gpg: default to 3072-bit RSA keys. * agent/command.c (hlp_genkey): update help text to suggest the use of 3072 bits. * doc/wks.texi: Make example match default generation. * g10/keygen.c (DEFAULT_STD_KEY_PARAM): update to rsa3072/cert,sign+rsa3072/encr, and fix neighboring comment, (gen_rsa, get_keysize_range): update default from 2048 to 3072). * g10/keyid.c (pubkey_string): update comment so that first example is the default 3072-bit RSA. -- 3072-bit RSA is widely considered to be 128-bit-equivalent security. This is a sensible default in 2017. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> (cherry picked from commit 909fbca19678e6e36968607e8a2348381da39d8c) Gbp-Pq: Topic from-master Gbp-Pq: Name gpg-default-to-3072-bit-RSA-keys.patch	2022-05-13 23:35:57 +08:00
openKylinBot	c646d1b013	Import Upstream version 2.2.19	2022-05-13 23:35:49 +08:00

Author

SHA1

Message

Date

Daniel Kahn Gillmor

81cb1b5eea

gpg: Prefer SHA-512 and SHA-384 in personal-digest-preferences.

* g10/keygen.c (keygen_set_std_prefs): prefer SHA-512
and SHA-384 by default.

--

In 8ede3ae29a39641a2f98ad9a4cf61ea99085a892, upstream changed the
defaults for --default-preference-list to advertise a preference for
SHA-512, without touching --personal-digest-preferences.  This makes
the same change for --personal-digest-preferences, since every modern
OpenPGP library supports them all.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Gbp-Pq: Topic update-defaults
Gbp-Pq: Name gpg-Prefer-SHA-512-and-SHA-384-in-personal-digest.patch

2022-05-13 23:35:57 +08:00

Daniel Kahn Gillmor

848046808c

gpg: default to 3072-bit RSA keys.

* agent/command.c (hlp_genkey): update help text to suggest the use of
3072 bits.
* doc/wks.texi: Make example match default generation.
* g10/keygen.c (DEFAULT_STD_KEY_PARAM): update to
rsa3072/cert,sign+rsa3072/encr, and fix neighboring comment,
(gen_rsa, get_keysize_range): update default from 2048 to 3072).
* g10/keyid.c (pubkey_string): update comment so that first example
is the default 3072-bit RSA.

--

3072-bit RSA is widely considered to be 128-bit-equivalent security.
This is a sensible default in 2017.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

(cherry picked from commit 909fbca19678e6e36968607e8a2348381da39d8c)

Gbp-Pq: Topic from-master
Gbp-Pq: Name gpg-default-to-3072-bit-RSA-keys.patch

2022-05-13 23:35:57 +08:00

openKylinBot

c646d1b013

Import Upstream version 2.2.19

2022-05-13 23:35:49 +08:00

3 Commits